Only ‘Trusted Sources’ to Power India's 5G Roll Out; Cabinet approves security framework

IN a major decision Wednesday, the Modi cabinet approved a National Security Directive on Telecom, aimed at securing the country’s 5G roll out from any hostile takeover or sabotage by an enemy by setting up an architecture to allow only trusted vendors and products to participate in the technology transition. Without naming China, the new framework aims at weeding out those products or vendors who could pose a national cyber security threat using the 5G network.  

The Directive would achieve this by creating a layer of oversight through a committee headed by one of the deputy National Security Advisors. Called the National Security Committee of Telecom, it would have members from relevant departments and ministries, as also experts from the industry and academia, sources informed.

The Committee would be charged with the screening of applications of the Telecom Service Providers (TSPs) on parameters of national security as decided from time to time. The government would declare a list of Trusted Products (TPs) on telecom based on recommendations of the National Cyber Security Coordinator, and all TSPs would need to comply with the guidelines for their devices and equipment to become trusted vendors. 

A negative list of ‘Designated Sources’ could also be created which would contain names of products and vendors from whom no procurement would be allowed, thus securing the entire supply chain as we move from 4G to 5G. Sources however clarified that as of now no mandatory replacement of the existing equipment is envisaged. The directive shall come into force 180 days after getting approved. 

Further, from among the sources declared as ‘Trusted Source’ by the Committee, those meeting the criteria of the Department of Telecom’s Preferential Market Access Scheme would get certified as ‘Indian Trusted Sources’. The entire exercise is aimed at broad basing the use of ‘Indian Trusted Sources’ in the roll out of 5G technology in India, thus incentivising Modi government’s Atma Nirbhar Bharat project as well. 

Once implemented, the Department of Telecom would modify its existing guidelines to comply with the new National Security Directive on Telecom. A portal would be put in place for easy upload of applications by the TSPs and equipment vendors in keeping with the new compliance norms. 

The decision gains significance in the light of the fact that India is among the top three countries facing cyber-attacks around the world. The Computer Emergency Response Team (CERT) of India handled as many as four lakh cyber incidents in 2019 alone. The Wuhan virus impacted 2020 has seen a spike in cyber warfare with India facing as many as seven lakh cyber-attacks till August, both on government and private individuals, as per the ministry of electronics and information technology (MeitY) data that was shared with the parliament. Government sources inform that a huge sum of Rs 1,24,000 crores was lost to cybercrime in India in 2019 from ransomware attacks to identity theft.

Vulnerabilities of data and equipment would see quantum jump with super speeds and interconnected devices in the fifth generation telecom technology, making this extra layer of security around the nation’s telecom infrastructure an imperative, informed sources.